2. Company
PT Digital Jagad Nusantara (DJN) is an Information Technology (IT) company that specializes in cyber security services for all pillars of ISO 27001 and the NIST Cyber Security Framework. Since 2018, DJN has focused on providing the best services in the realms of Vulnerability Assessment & Penetration Testing and Security Operation Center (SOC) service provision. https://digitaljagadnusantara.com/
3. Our Assessment Is Based On
Center for Internet Security (CIS): provides well-defined, unbiased and consensus-based industry best practices.
Open Source Security Testing Methodology Manual (OSSTMM): covers security testing, security analysis, operational security metrics, trust analysis, operational trust metrics, and the tactics
Information System Security Assessment Framework (ISSAF): a structured framework that categorizes information system security assessment into various domains & details specific evaluation
Open Web Application Security Project (OWASP): a penetration testing guide that describes techniques for testing the most common web application, web service and mobile security issues.
SANS Institute Critical Security Controls: a recommended set of actions for cyber defense that provide specific and actionable ways to stop today's most pervasive and dangerous attacks.
5. Application Penetration Testing – OWASP Methodology
1. INFORMATION GATHERING
2. CONFIGURATION AND DEPLOYMENT MANAGEMENT TESTING
3. IDENTITY MANAGEMENT TESTING

1. AUTHENTICATION TESTING
2. AUTHORIZATION TESTING
3. SESSION MANAGEMENT TESTING

1. INPUT VALIDATION TESTING
2. TESTING FOR ERROR HANDLING
3. TESTING FOR WEAK CRYPTOGRAPHY
4. BUSINESS LOGIC TESTING
6. The OWASP standard has been adopted by the international community as a standard for penetration testing. We will use the OWASP testing methodology for web application penetration testing, which covers the following activities:
9. Scope of Work
Black Box Penetration Test:
1. Website
2. Web Application
3. Mobile App
4. FrontEnd (General)
Vulnerability Assessment

Gray Box Penetration Test:
1. Website
2. Web Application
3. Mobile App
4. FrontEnd (General)
Vulnerability Assessment

White Box: -
11. Pentest Report (Delivery Out)
A penetration test report is the output of a technical security risk assessment and acts as a reference for business and technical teams. It offers multiple benefits in addition to supporting a team's internal vulnerability management process. Depending on sensitivity and business relationships, a report is used as a piece of evidence for product security assurance.
14. MOBILE
Penetration Testing of Ezeelink, February 2019
Penetration Tester on Android Mobile Application, and Web Application (API).
Penetration Testing of BNI TapCash Go, October 2019
Penetration Tester on Android Mobile Application.
Penetration Testing of BPRS Dhinar Asri, August 2020
Technical Writer and Penetration Tester on Web Application and Infrastructure.
15. DESKTOP
PROJECT
December 2019: Acknowledged by Kaodim
Acknowledged by the kaodim.com Security Team for locating a security vulnerability in their web application.
April 2019: Acknowledged by PegiPegi.com
Acknowledged by the PegiPegi Security Team for locating a security vulnerability in their web application.
Penetration Testing of BPJS Kesehatan, October 2020
Penetration Tester on Web Application.